Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a313a3a2f34382d3438203d3e20313431393638.roa
File:                     323430373a366163303a313a3a2f34382d3438203d3e20313431393638.roa (raw, json)
Hash identifier:          JuWvkFNe6CRMNhByLK16nJkYZTO2k5TO5xniu6RBjQg=
Subject key identifier:   C9:2B:C3:DA:75:BB:ED:F9:5E:6D:32:F3:62:38:E0:A5:A0:A2:E7:B1
Certificate issuer:       /CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
Certificate serial:       59A6EB0EC5073F2744F72925A4BB793CCFF8C84A
Authority key identifier: F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a313a3a2f34382d3438203d3e20313431393638.roa
Signing time:             Mon 29 Sep 2025 05:02:57 +0000
ROA not before:           Mon 29 Sep 2025 04:57:57 +0000
ROA not after:            Mon 28 Sep 2026 05:02:57 +0000
asID:                     141968
IP address blocks:        2407:6ac0:1::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl
                          rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 21:45:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:a6:eb:0e:c5:07:3f:27:44:f7:29:25:a4:bb:79:3c:cf:f8:c8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
        Validity
            Not Before: Sep 29 04:57:57 2025 GMT
            Not After : Sep 28 05:02:57 2026 GMT
        Subject: CN=C92BC3DA75BBEDF95E6D32F36238E0A5A0A2E7B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6d:32:02:d7:ae:1f:f6:2c:68:40:09:b1:a0:
                    61:2f:e1:a3:04:b2:53:ae:43:c8:65:37:db:a4:49:
                    05:7c:94:60:b4:d3:74:bf:e0:84:c8:36:25:f2:5a:
                    8a:1b:05:5f:a4:38:00:ff:6e:cd:fc:d4:45:22:01:
                    2f:e0:c7:90:33:91:de:57:32:36:ab:66:00:2b:fc:
                    62:a5:89:48:24:69:02:24:1b:9c:6c:25:57:11:63:
                    cd:75:39:36:c4:85:81:b2:22:94:76:14:ca:3e:f4:
                    a5:fc:43:8c:a1:90:9d:8a:11:22:07:fc:94:4f:f2:
                    cd:40:7e:be:2d:93:4b:9a:26:85:fc:59:1b:88:60:
                    ef:e2:82:bb:aa:21:6b:eb:3e:d7:bc:09:12:a7:a9:
                    24:5a:27:5e:6d:3c:c7:fa:70:ff:d1:53:e3:0a:8c:
                    81:cc:7f:3c:66:af:f0:59:c6:88:a6:36:7b:a2:63:
                    0e:08:aa:85:c0:5c:05:8b:df:7b:04:ac:90:40:59:
                    fd:fe:23:82:1c:76:50:4d:78:f6:5e:ce:be:8a:ab:
                    fd:0e:f9:6d:2b:ee:63:47:90:3e:c3:b5:2d:8d:17:
                    b7:c7:06:b0:66:13:4b:d1:28:49:e5:2f:c0:dc:98:
                    b7:6c:f7:32:b9:68:92:45:0d:69:a1:93:c1:e2:78:
                    bd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2B:C3:DA:75:BB:ED:F9:5E:6D:32:F3:62:38:E0:A5:A0:A2:E7:B1
            X509v3 Authority Key Identifier:
                keyid:F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a313a3a2f34382d3438203d3e20313431393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:6ac0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:9f:fe:b2:8b:63:14:b6:a2:d5:e9:25:28:c9:b8:85:54:e4:
         f1:b5:6a:26:c6:5f:76:23:30:c9:35:8d:9a:ad:8b:b0:39:6c:
         9b:e3:7e:24:54:e9:58:7c:02:b7:34:d1:d6:39:f9:1c:07:79:
         0c:86:8a:19:2d:ec:48:d8:ba:4e:50:a5:79:88:35:93:de:5a:
         6e:25:ad:d0:75:c3:4d:f0:c3:00:63:6f:40:8b:68:9a:e4:9b:
         03:00:56:3a:35:6f:77:3e:b7:6c:47:5e:57:8a:75:b0:09:58:
         70:06:9d:05:68:78:53:25:2d:3d:96:0f:f7:ed:84:25:29:71:
         ad:94:b3:e7:3c:fa:7d:c3:04:3c:ed:e8:6c:a0:4e:7a:11:a5:
         19:6b:fe:62:a0:98:0d:a7:74:ef:2f:89:58:c8:2b:65:02:e1:
         cf:32:08:be:ee:d3:6a:b9:f7:eb:e2:14:64:74:c1:41:3b:0c:
         a1:bd:55:3e:54:58:c2:df:45:22:83:ae:35:c7:ac:ef:13:b6:
         57:94:a6:71:42:de:72:11:04:4e:52:62:e6:5c:75:08:a1:60:
         76:a0:66:7a:e6:cb:53:35:f4:ce:5b:a6:fd:d1:63:ba:14:74:
         6c:0c:2a:f4:5a:32:00:43:4b:20:05:14:1d:44:ee:ad:1e:6e:
         65:48:d2:38
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWabrDsUHPydE9yklpLt5PM/4yEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVB
NEY2OTM4NzAeFw0yNTA5MjkwNDU3NTdaFw0yNjA5MjgwNTAyNTdaMDMxMTAvBgNV
BAMTKEM5MkJDM0RBNzVCQkVERjk1RTZEMzJGMzYyMzhFMEE1QTBBMkU3QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdbTIC164f9ixoQAmxoGEv4aME
slOuQ8hlN9ukSQV8lGC003S/4ITINiXyWoobBV+kOAD/bs381EUiAS/gx5Azkd5X
MjarZgAr/GKliUgkaQIkG5xsJVcRY811OTbEhYGyIpR2FMo+9KX8Q4yhkJ2KESIH
/JRP8s1Afr4tk0uaJoX8WRuIYO/igruqIWvrPte8CRKnqSRaJ15tPMf6cP/RU+MK
jIHMfzxmr/BZxoimNnuiYw4IqoXAXAWL33sErJBAWf3+I4IcdlBNePZezr6Kq/0O
+W0r7mNHkD7DtS2NF7fHBrBmE0vRKEnlL8DcmLds9zK5aJJFDWmhk8HieL2HAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUySvD2nW77flebTLzYjjgpaCi57EwHwYDVR0j
BBgwFoAU8GFUV0C2tmqdPB0f5PP9taT2k4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MzZhMjE3MS0xMmEwLTRlMDEtYmNhYi1iZTNiNmI4MzZmNWQvMC9GMDYxNTQ1NzQw
QjZCNjZBOUQzQzFEMUZFNEYzRkRCNUE0RjY5Mzg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVBNEY2
OTM4Ny5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EzNmEyMTcxLTEyYTAtNGUwMS1i
Y2FiLWJlM2I2YjgzNmY1ZC8wLzMyMzQzMDM3M2EzNjYxNjMzMDNhMzEzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTM0MzEzOTM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkB2rAAAEw
DQYJKoZIhvcNAQELBQADggEBAKif/rKLYxS2otXpJSjJuIVU5PG1aibGX3YjMMk1
jZqti7A5bJvjfiRU6Vh8Arc00dY5+RwHeQyGihkt7EjYuk5QpXmINZPeWm4lrdB1
w03wwwBjb0CLaJrkmwMAVjo1b3c+t2xHXleKdbAJWHAGnQVoeFMlLT2WD/fthCUp
ca2Us+c8+n3DBDzt6GygTnoRpRlr/mKgmA2ndO8viVjIK2UC4c8yCL7u02q59+vi
FGR0wUE7DKG9VT5UWMLfRSKDrjXHrO8TtleUpnFC3nIRBE5SYuZcdQihYHagZnrm
y1M19M5bpv3RY7oUdGwMKvRaMgBDSyAFFB1E7q0ebmVI0jg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:21:16 2025 by rpki-client